Don’t Complicate Data Discovery and Classification

Ron Arden Data breach, Data security, Privacy

Data discovery and classification is an important first step to protect your confidential data and comply with privacy regulations.  You need to identify the location of your data and its value to your organization before determining how to protect it.  Done right, this leads to a data-centric security and compliance program that is critical to your corporate brand and competitive …

Can Updated FFIEC Cyber Assessment Tool Help With Other Regulations?

Ron Arden Cybersecurity, Data breach, Data security, Privacy Leave a Comment

The Federal Financial Institutions Examination Council (FFIEC) released an update to its Cybersecurity Assessment Tool to help financial institutions establish a better baseline to identify their risks and determine their cybersecurity preparedness. The original intent of the Assessment was to provide a repeatable and measurable process for financial institutions to measure their cybersecurity preparedness over time. The updates are a …

Cyber Security Legislation Will Change the Face of Business

Ron Arden Cybersecurity, Data breach, Privacy Leave a Comment

As 2017 gets underway, cyber security legislation will strengthen and force businesses to change the way they approach information security.  At the federal level in the United States, the US Congress and President have proposed numerous updates to existing regulations and new regulations to cover all facets of cybersecurity.  These include the Cyber Preparedness Act of 2016, Cybersecurity Systems and …

Securing Information While Sharing

Ron Arden Cybersecurity, Data breach, Insider threat, Privacy, Secure collaboration Leave a Comment

In a recent article entitled “Securing Information for a Shared Services Infrastructure”, Richard Freeman from Ricoh Canada talked about the need to secure information as companies share it internally and externally.  The focus of the article is how an organization must look at balancing the need to efficiently share information without compromising privacy, protection of intellectual property and other sensitive …

Trust and Betrayal – A Tale of Insider Threats

Ron Arden Data breach, Data security, Insider threat, Privacy Leave a Comment

You do complete background checks and go through references as part of your hiring processes. You continually and painstakingly train employees on security and data breach topics to make sure they are educated and will know what to do and not to do during the course of daily business. You even conduct daily auditing of system activity and ensure that you …

Data-Centric Approach Starves Data-Hungry Cybercriminals

Bill Blake Data breach, Insider threat, Privacy Leave a Comment

In a slideshow recently published in IT Business Edge, breaches within healthcare organizations hit an all-time high in 2015. With healthcare records growing in value, cybercriminals have realized they can get a quick payout by hacking this confidential information and selling it to other malicious actors or groups. Healthcare organizations have become easy targets because they tend to place more …

Concerned about Print Security?

Ron Arden Data breach, Data security, Insider threat, Print security, Privacy 2 Comments

Information security is a tough business.  As technologies evolve and businesses seek to use technology advancements as a competitive edge to be more productive, more efficient and to provide better service to their customers, the bad guys are also innovating with more ingenious ways to get at valuable digital business information.  Security postures are often re-evaluated to add new layers …

EU-US Privacy Shield and the Future of Data Protection

Ron Arden Data breach, Insider threat, Privacy Leave a Comment

The European Commission adopted the EU-US Privacy Shield on July 12, 2016 as a replacement for the Safe Harbor rules that were overturned by the European Court of Justice in October 2015.  This new framework protects the fundamental rights of anyone in the EU whose personal data is transferred to the United States as well as bringing legal clarity for …

Seven Employees at ProMedica Hospitals Breach Patient Information

Ron Arden Data breach, Data security, Insider threat, Privacy Leave a Comment

Recently ProMedica Bixby and Herrick Hospitals contacted 3,472 patients informing them that their private medical records had been improperly accessed by seven employees.  As is standard practice with the breach of patient information, patients received letters from ProMedica explaining the situation, the hospital’s action plan to prevent additional breaches and offering a full year of free credit protection monitoring. The hospital …

FDIC is Adding Digital Rights Management to Arsenal for Data-Centric Security

Ron Arden Data breach, Data security, Insider threat, Privacy Leave a Comment

On Thursday May 12, 2016, the Congressional Subcommittee on Science, Space and Technology held a special hearing in Room 2318 of the Rayburn House Office Building.  The hearing addressed if Americans can trust their private banking information is secure by relying on the Federal Deposit Insurance Corporation (FDIC). During the session, lawmakers stated that the FDIC has a long history …